We were trying to hide our code from the client. We didn't want them to judge us because of the bad indentation we used. Lol!
Basically, we wanted to obfuscate it so that the client doesn't get hold of the source code. This is what we did.
- We had a Git repository, obviously, where all the developers pushed their code.
- Each client had their own branch. This was done to handle customizations at a client level.
- Each client also had their own server instance (AWS). They had a Docker file that would pull code from the particular branch into the server.
- On the server, once the code was pulled, it was built and obfuscated and the original source files were removed. Only the gibberish build folder remained on the client's server.
So far things were good. That is when we realized the client could modify our Docker file and pull the code from the branch if needed.
- We introduced a new server in between our git repository and the client's server. The only function of this server was to take as input the client name and send as output the build file after obfuscation to the client's server.
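A sketch of two checks such an intermediate build server can make around the build step, added here as an example and not the code we actually ran: resolve the requested client name against an allowlist, and ship an archive that contains only build output. The client names, branch names, `build` folder name and the excluded suffixes are assumptions, and the checkout, build and obfuscation are assumed to have already run in `workdir`.

```python
import io
import re
import tarfile
import tempfile
from pathlib import Path

# Hypothetical client -> branch allowlist kept on the build server.
CLIENT_BRANCHES = {"acme": "client/acme", "globex": "client/globex"}
CLIENT_NAME = re.compile(r"[a-z0-9][a-z0-9-]{0,31}")
# Assumption: names that would hand the source back (VCS data, source maps, env files).
FORBIDDEN_SUFFIXES = (".git", ".map", ".env")

def branch_for(client: str) -> str:
    """Resolve a requested client name to its branch; reject anything off the allowlist."""
    if not CLIENT_NAME.fullmatch(client) or client not in CLIENT_BRANCHES:
        raise ValueError(f"unknown client: {client!r}")
    return CLIENT_BRANCHES[client]

def package_build(workdir: Path, build_dir: str = "build") -> bytes:
    """Return a tar.gz holding only regular files that live under workdir/build_dir."""
    root = (workdir / build_dir).resolve()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path in sorted(root.rglob("*")):
            rel = path.relative_to(root)
            if path.is_symlink() or not path.is_file() or root not in path.resolve().parents:
                continue  # a symlink could point back into the source tree
            if any(part.endswith(FORBIDDEN_SUFFIXES) for part in rel.parts):
                continue
            tar.add(path, arcname=str(Path(build_dir) / rel), recursive=False)
    return buf.getvalue()

def archive_names(blob: bytes) -> list[str]:
    """List the member names of an archive produced by package_build."""
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        return sorted(tar.getnames())

def demo() -> list[str]:
    """Constructed working tree: sources, VCS data, a source map and one build output."""
    with tempfile.TemporaryDirectory() as tmp:
        work = Path(tmp)
        for name in ("src/app.js", ".git/config", "build/app.min.js", "build/app.min.js.map"):
            (work / name).parent.mkdir(parents=True, exist_ok=True)
            (work / name).write_text("constructed sample\n")
        return archive_names(package_build(work))

if __name__ == "__main__":
    print(demo())
```

Listing the archive members before sending doubles as a release check that no source file, repository data or source map left the build server.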
But since we are never satisfied with things in our lives, we are still trying to find flaws in this approach. We know one for sure, i.e., it takes too much time to do all of this.
P.S.: if you are one of our clients, we did this to protect your code from malicious attacks :|
We took it a step further here